This is the MPI Software Security group lead by Dr Marcel Böhme at the Max Planck Institute for Security and Privacy (MPI-SP) in Germany. We are interested in the automatic discovery of security flaws in software systems at the very large scale. Some of us work on the foundations of automatic vulnerability discovery and program analysis in general. For instance, we seek to identify fundamental limitations of existing techniques, we study empirical methods (incl. statistical and causal reasoning) for program analysis, and we explore the assurances that software testing provides when no bugs are found. Another part of our group develops practical vulnerability discovery tools that are widely used in software security practice. For instance, Entropic is the default power schedule in LibFuzzer which powers the largest fuzzing platforms at Google and Microsoft, fuzzing hundreds of security-critical projects on 100k machines 24/7. Our tools have discovered 100+ bugs in widely-used software systems, more than 70 of which are security-critical vulnerabilities registered as CVEs at the US National Vulnerability Database.
We are always looking to recruit
👩🎓 PhD students and
👩💻 interns
in Software Security. Just reach out via email.
You'll need a strong background in one of:
* Statistics, data science,
ML (causality, security flaws), and/or
* Program analysis, system building,
vulnerability discovery, CTFs.
Faculty member
Research Fellow
PhD Student (MPI-SP / CASA)
PhD Student (MPI-SP)
PhD Student (MPI-SP)
Sharif University, Iran
UCI, USA
PhD student (ANU, on leave @ Anthropic, w/ Tony Hosking)
PhD student (CISPA / RUB, main advisor: Thorsten Holz)
PhD student (CASA / RUB, main advisor: Kevin Borgolte)
PhD student (CASA / RUB, main advisor: Kevin Borgolte)
PostDoc 2020-23. Now at Monash University.
PostDoc 2018-20. Now at University of Melbourne.
PostDoc 2022. RUB, Germany. Now at Onapsis Inc.
PhD 2023. Now at University of Sydney, Australia.
PhD 2023. Now at University of Ruhuna, Sri Lanka.
PhD 2022 (co-adviced). Now at Oracle Labs, Australia.
2022/23. U. of Buenos Aires, Argentina. Now at Canonical.
2020-22. Monash U, Australia. Now at Deloitte.